A company's security policy requires that access to its internal database servers should be denied from all external IP addresses except from its own VPN network, which has an IP range of 10.200.0.0/16. As a security administrator, which of the following rules should you apply to BEST meet the security policy requirement?
The correct answer ensures that only the VPN network (10.200.0.0/16) is allowed access to the internal database servers while all other external IP addresses are blocked. The rule ‘Deny from all, Allow from 10.200.0.0/16’ follows the principle of least privilege by denying access by default and only allowing a specific range. Other answers are incorrect because they either permit more access than the security policy allows or because the IP range specified does not match the VPN network's IP range, thus potentially providing access to unauthorized users or entirely blocking legitimate access.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'Deny from all, Allow from 10.200.0.0/16' mean in networking?
Open an interactive chat with Bash
What is the significance of using VPN in this context?
Open an interactive chat with Bash
What is the principle of least privilege and how does it apply here?